Hi everyone, Im currently working on the reset password functionality. There are 2 options: The admin forces a user to change his/her password. The user requests a new password (forgotten his/her password. I configured all the required modules (encryption, mxModelReflection, email, deeplink,...) The problem I’m facing right now lies in the deeplink module. When the deeplink triggers it it forces me to login. My question: Is it possible to NOT allow anonymous users but still change the password? The way I see it, there are 2 solutions: I allow anonymous users and only make the login-page accessible. In the deeplink microflow I first login and then show a change password page. However, I don’t know how to do this.
What we have done is creating a button on the login screen with Password forgotten.
This opens up a page where the user needs to enter its account credentials. After submit check if the account exists. If so send a mail that a forgotten password has been requested. In this mail is a link to trigger the deeplink. The only thing this deeplink does is creating a new password, sets it for that user and sends another mail to the user with the new password. This deeplink must be availabe for anonymous users. But this is not an issue because offcourse you add a parameter to this link with some id so you know which user has requested the password change.